Compliance Management, Critical Infrastructure Security, Privacy, Security Strategy, Plan, Budget

Vulnerability analysis: Mu Dynamics

When your price starts at $50,000 and you are unique in your marketplace, you'd better have a good product. For Mu Dynamics, that is just where the story starts. When I first met the Mu folks, they were Mu Security. A new name later, they still are the innovators they were a couple of years ago. My conversation with a Mu visionary was an eye-opener.

Vulnerability assessment does not sound particularly exciting. Actually, the genre has become commoditized. So why is this of interest? It's interesting because Mu is not and, as far as I know, never has been an ordinary vulnerability assessment company. In fact, Mu is, again as far as I know, the only serious vulnerability analysis company around.

Philosophically, Mu believes that the complexities of interoperability and the movement away from proprietary communications stacks and protocols makes testing much more difficult. They also believe, as do I, that vulnerabilities pose an unbounded problem. Today's customers are the ones who have made this shift and know what it implies, while tomorrow's custom­ers have made the shift, but still are struggling with the unbounded problem of vulnerabilities.

Here's where Mu shines. The Mu product began as a way to test critical components of large networks. Today the Mu 4000 can test those components, but it can look at a bigger network picture as well.

This allows the company to analyze protocol errors before the bad guys do. This has as one ben­efit beating the zero-day problem at its own game. But it has a perhaps unintended consequence as well: finding protocol and stack-related problems also improves performance.

But for Mu, innovation does not stop there. This company hardly makes a move without socializing through a base of customers and, perhaps not-yet-customers.

Adding capabilities, providing for customization, analyzing use cases to find new ways to improve and extend the Mu-4000 Service Analyzer v3.5, and working on ways to test proprietary protocols all fits under the category of prod­uct improvement through strong customer communications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.